Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CosmosDB role assignment needs extra principal-type flag #122530

Closed
UnMorrer opened this issue May 15, 2024 · 2 comments
Closed

CosmosDB role assignment needs extra principal-type flag #122530

UnMorrer opened this issue May 15, 2024 · 2 comments
Assignees
@Naveenommi-MSFT
Labels
Change sent to author cosmos-db/svc cxp doc-bug Pri1 triaged

Comments

@UnMorrer
Copy link

Dear Microsoft team,

The command you outlined in this documentation for creating a cosmosDB sql role assignment for a service principal does not work in Azure CLI.
az cosmosdb sql role assignment create --account-name $ACCOUNT_NAME --resource-group $RESOURCE_GROUP_NAME --scope "/" --principal-id $PRINCIPAL_ID --role-definition-id $READ_WRITE_DEFINITION_ROLE_ID

Currently, I not only need the correct Object ID but also needed to supply an extra flag --principal-type ServicePrincipal" in order to make the command work, like so:
az cosmosdb sql role assignment create --account-name $ACCOUNT_NAME --resource-group $RESOURCE_GROUP_NAME --scope "/" --principal-id $PRINCIPAL_ID --role-definition-id $READ_WRITE_DEFINITION_ROLE_ID --principal-type "ServicePrincipal"

Otherwise, I got the following error:

Code: BadRequest
Message: The provided principal ID [REDACTED] was found to be of an unsupported type : [Application]
ActivityId: [REDACTED], Microsoft.Azure.Documents.Common/2.14.0, Microsoft.Azure.Documents.Common/2.14.0, Microsoft.Azure.Documents.Common/2.14.0, Microsoft.Azure.Documents.Common/2.14.0, Microsoft.Azure.Documents.Common/2.14.0, Microsoft.Azure.Documents.Common/2.14.0

Document Details

Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
@PesalaPavan
Copy link
Contributor

@UnMorrer
Thanks for your feedback! We will investigate and update as appropriate.

@Naveenommi-MSFT
Copy link
Contributor

Hi @UnMorrer
Thank you for bringing this to our attention! We've initiated a pull request (PR) to address this issue. Once the author reviews the changes, they will be merged, and the updates should go live shortly. Your diligence is much appreciated!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Naveenommi-MSFT Naveenommi-MSFT

Labels
Change sent to author cosmos-db/svc cxp doc-bug Pri1 triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@UnMorrer @Naveenommi-MSFT @PesalaPavan